ESXi host advanced settings

During every vSphere design and Health Check the vSphere advanced settings are being discussed and every once in a while i receive an email asking me what vSphere advanced settings i normally use and recommends.
I know Duncan Epping wrote a blog post about when to use the vSphere advanced settings a while ago. In general i agree with his opinion to stay away from the vSphere advanced settings since it requires further documentation and testing during the vSphere implementation and the vSphere lifecycle.

Anyway, since i usually implement one or more ESXi host advanced parameters i decided to review the vSphere design and implementations documents i have created the past 1.5 years and put together a blog post about the most commonly used ESXi host advanced parameters.
This blog post does not include any vCenter Server advanced parameters.

  • Net.BlockGuestBPDU set to “1” – The Bridge Protocol Data Unit (BPDU) filter configuration makes sure the ESXi host (virtual switch) drops any packages from a virtual machine doing unauthorized bridging. If not dropping the packages, the physical switch receiving the packages can/will shut down its switch port making the ESXi host NIC connected to the switch port unusable (marked as down).
    Screen Shot 2013-07-15 at 19.40.31More information about BPDU can be found on e.g. the VMware KB website, article 2047822 or by reading the excellent ESXi 5.1 and BPDU Guard article by Rickard Nobel.
    The Net.BlockGuestBPDU ESXi host configuration parameter applies to vSphere 5.1 and 5.5.
    Rickard Nobel wrote an excellent article about ESXi 5.1 and BPDU Guard
  • ScratchConfig.ConfiguredScratchLocation – I usually change this configuration option to the ESXi host local VMFS datastore if an ESXi host local datastore exists.
    Screen Shot 2013-07-15 at 19.29.54
    This makes it possible to view and download e.g. the ESXi host log files directly from the vSphere Web Client.
    Screen Shot 2013-07-15 at 19.57.37
    This can be very useful if the ESXi host lockdown mode security profile feature is enabled since you can not connect to the ESXi host using the vSphere client or running SSH unless you disabled the ESXi host lockdown mode security profile feature.
    The ScratchConfig.ConfiguredScratchLocation ESXi host configuration parameter applies to both vSphere 5.0 and vSphere 5.1.
  • Syslog – yes syslog is an advanced setting and i use this setting for all implementations where a syslog server exists or where i can implement a syslog solution.
    Screen Shot 2013-07-15 at 21.15.20
    The entire Description field is not present in the above print screen.
    The syslog ESXi host configuration parameter applies to both vSphere 5.0 and vSphere 5.1.
  • disk.terminateVMOnPDLDefault or VMkernel.Boot.terminateVMOnPDL– I used this setting in a non vSphere stretched environment a year ago (August 2012) and it saved my customer from unnecessary virtual machine downtime.
    Back in August 2012 my customer was using vSphere 5.0 U1 and then you needed to add the vSphere cluster setting das.maskCleanShutdownEnabled together with the ESXi host setting disk.terminateVMOnPDLDefault to enable a vSphere HA virtual machine failover when the virtual machine is located on a datastore which is in a Permanent Device Loss (PDL) state.
    The das.maskCleanShutdownEnabled is enabled by default since vSphere 5.1 but the disk.terminateVMOnPDLDefault is not, more information available at the VMware vSphere 5.1 Documentation Center.
    The disk.terminateVMOnPDLDefault is a configuration you cannot manage by using the ESXi host Advanced System Settings section in the vSphere Web Client. You need to add the specific configuration to the ESXi host local file /etc/vmware/settings and i covered one way of implementing the configuration in my blog post, ESXi host disk.terminateVMOnPDLDefault configuration using PowerCLI.
    The disk.terminateVMOnPDLDefault applies to both vSphere 5.0 and vSphere 5.1.
    This parameter is changed in the vSphere 5.5 release and is not an advanced ESXi configuration and called VMkernel.Boot.terminateVMOnPDL and not disk.terminateVMOnPDLDefault

I usually leaves the ESXi host advanced settings to their default value unless:

  • It solves an issue.
  • Told by a storage vendor.
  • Told by VMware Global Support Service.
  • Gives you better performance.
  • Activate a feature required by your environment.
  • Makes administration easier.

Important: The ESXi host advanced parameters mentioned in this blog post have been selected based on the current customer situation and also tested and documented carefully before implemented. Make sure you do the same if you consider to use any of the ESXi host advanced parameters.

2 pings

Comments have been disabled.